Apache CXF before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers to execute unintended web-service operations by sending a header with a SOAP Action String that is inconsistent with the message body.
References
Configurations
Configuration 1 (hide)
|
History
13 Feb 2023, 00:25
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
16 Jun 2021, 12:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
02 Apr 2021, 12:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2012-09-24 17:55
Updated : 2023-12-10 11:16
NVD link : CVE-2012-3451
Mitre link : CVE-2012-3451
CVE.ORG link : CVE-2012-3451
JSON object : View
Products Affected
apache
- cxf
CWE
CWE-20
Improper Input Validation